Windows 10: Compatibility is Key

So you’ve heard – Windows 10 has hit the PC world by storm, with widespread adoption in the private and public sector catching up to the consumer side. According to Gartner, the adoption of Windows 10 is faster than previous OS and the traditional refresh cycles are shortening. What’s driving the movement? Well, it’s a combination of events really, all based on one common need – Security.

Three Key Drivers for Windows 10 Adoption

First off, most businesses either were or are still using Windows 7, one of the most successful Windows OS releases to date. However, End of Extended Support by January 2020 for Windows 7 was announced earlier this year, leaving just three years for IT teams to begin planning and implementing a shift to Windows 10. Considering the total time to evaluate and deploy Windows 10 is about 21 to 23 months, the time to start planning was yesterday.

Microsoft has also stepped up their security game in a major way, with a revamped Windows Defender offering malware protection out-of-the-box, new boot- and OS-level protections including Device Guard and Credential Guard, and carrying over major improvements made previously to BitLocker Drive Encryption with Windows 8 to the new Windows 10, among other notable features.

Lastly, recent security incidents including WannaCry and Petya leveraged vulnerabilities in legacy systems – primarily Windows XP and Windows 7 – to attack devices with ransomware on a scale never seen before. For that reason, Microsoft and many IT security companies, including WinMagic, highly recommend upgrading to Windows 10 with the new security patching and upgrade-as-a-service model.

BitLocker – A Solid Starting Point

Speaking with Gartner Analysts, we know that BitLocker Drive Encryption is being adopted on a scale never seen before with Windows 10. However, Aaron McIntosh (Product Marketing Manager) and I discovered that a key component of encryption seems to be missing – key management.

About two weeks ago, we hosted a webinar entitled Windows 10: How to Protect Your Data and Manage Compliance. Through polling questions we found that the majority of the audience was using BitLocker to protect data-at-rest on Windows systems, but most commonly without any management solution in place (75%), such as MBAM or a third-party solution. More importantly, the same audience noted common issues with cost of ownership, performance, compatibility and complexity.

Business are evidently leveraging OS-embedded encryption offered with BitLocker, but even so, they’re experiencing issues with applying an OS-specific security model to a diverse, multi-OS, multi-platform IT environment. For that reason and more outlined in my previous blog post on BitLocker, I believe that BitLocker is a solid starting point to protecting your data, but encryption is just the beginning.

Compatibility Checklist

Many businesses have realized the need for centralized key management and auditing when it comes to native crypto solutions like BitLocker for Windows or FileVault 2 for Mac. But it’s not easy choosing from a variety of third-party solutions out there, so let’s focus in on the issue of Compatibility when it comes to ISV Encryption and/or BitLocker Management for your Windows 10 deployment:

Ensure that your encryption solution supports both legacy-BIOS and UEFI with Secure Boot introduced with Windows 8. It’s been around for a while, but not all solutions support the newer UEFI, or they may require you to configure UEFI-enabled devices back to legacy-BIOS mode.

Check if your encryption solution allows you to leverage new Windows 10 security features alongside encryption/key management, including Device Guard and Credential Guard. You’ll want a solution that works alongside new features, instead of interfering with them.

Check if your solution provider is a Microsoft Gold Partner – ensuring that they complete a set of rigorous tests to prove their level of technology expertise, and work alongside Microsoft to provide integrated, reliable data protection across your Windows 10 deployments.

Choose an encryption and key management solution that is compatible with Windows, Mac and Linux across a variety of different platforms and hardware to deliver unified data protection.

WinMagic offers the most highly integrated solution for BitLocker Management in the market today, what we like to call SecureDoc on Top for BitLocker (or SDoT). You can learn more about SDoT and how it can help you reduce cost of ownership, improve performance, deliver more compatibility, and reduce complexity by checking out our latest Tech Brief on Managing BitLocker in the Enterprise.

Or

Leave a Comment

comments

Tagged Under:

Ryan Sanders is the Global Sales Enablement Specialist at WinMagic – so digging deep into the areas of compliance and regulation is his forte. With a political science background and a strong attraction to security technologies, methods and measures, Ryan contributes to the SecureSpeak blog to satisfy his insatiable curiosity for innovation in data protection. Ryan Sanders

The Site is open to the public. Therefore, consider your comments carefully and do not include anything in a comment that you would like to keep private. By uploading or otherwise making available any information to WinMagic in the form of user generated comments or otherwise, you grant Winmagic the unlimited, perpetual right to distribute, display, publish, reproduce, reuse and copy the information contained therein.

You are responsible for the content you post. You may not impersonate any other person through the blog. You may not post content that is obscene, defamatory, threatening, fraudulent, invasive of another person’s privacy rights, or is otherwise unlawful. You may not post content that infringes the intellectual property rights of any other person or entity. You may not post any content that contains any computer viruses or any other code designed to disrupt, damage, or limit the functioning of any computer software or hardware.

By submitting or posting content on the blog, you grant WinMagic and any company substantially under its control, the right to remove any content or comment that, in WinMagic’s sole judgment, does not comply with the posting guideline, the terms of this website or is otherwise objectionable. You also grant WinMagic and any company substantially under its control the right to modify, adapt, and edit any content.

Your use of this blog is subject to the terms of use of the website on which this blog is hosted blog.winmagic.com. Because WinMagic values your thoughtful opinions, we encourage you to add a comment to this discussion. However, please don’t be offended if we edit your comments for clarity or to keep out questionable matters, and we may even delete off-topic comments. Any opinions expressed within the blog are those of the author and not necessarily held by WinMagic itself. The information on this blog may be changed without notice and is not guaranteed to be complete, correct, timely, current or up-to-date. Similar to any printed materials, the information on this blog may become out-of-date. Winmagic undertakes no obligation to update any information on the blog; provided, however, that WinMagic may update the information on this blog at any time without notice in WinMagic’s sole and absolute discretion.